File 0002-CVE-2020-25651-vdagentd-do-not-allow-to-use-an-already-used-file-xfer-id.patch of Package spice-vdagent.20485

Subject: vdagentd: do not allow to use an already used file-xfer id
From: Uri Lublin uril@redhat.com Sun Oct 11 20:59:17 2020 +0300
Date: Tue Nov 3 09:44:05 2020 +0000:
Git: b7db1c20c9f80154fb54392eb44add3486d3e427

Signed-off-by: Uri Lublin <uril@redhat.com>
Acked-by: Frediano Ziglio <fziglio@redhat.com>

Index: spice-vdagent-0.16.0/src/vdagentd.c
===================================================================
--- spice-vdagent-0.16.0.orig/src/vdagentd.c
+++ spice-vdagent-0.16.0/src/vdagentd.c
@@ -346,6 +346,13 @@ static void do_client_file_xfer(struct v
                "Cancelling client file-xfer request %u",
                s->id);
             return;
+        } else if (g_hash_table_lookup(active_xfers, GUINT_TO_POINTER(s->id)) != NULL) {
+            // id is already used -- client is confused
+            cancel_file_xfer(vport,
+               "File transfer ID is already used. "
+               "Cancelling client file-xfer request %u",
+               s->id);
+            return;
         }
         msg_type = VDAGENTD_FILE_XFER_START;
         id = s->id;
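
Review bot: The new `else if` condition tests membership with `g_hash_table_lookup(active_xfers, GUINT_TO_POINTER(s->id)) != NULL`, which treats an id stored with a NULL value as unused. The visible lines do not show what is stored under each id. `g_hash_table_contains(active_xfers, GUINT_TO_POINTER(s->id))` (GLib 2.32 and later) states the intent directly and stays correct whatever the stored value is. The comment "client is confused" also undersells a security fix. Suggest saying that a second start request must not replace the entry already registered in `active_xfers` for that id, so the reason for the check survives later refactoring. Finally, `cancel_file_xfer` is called with the same `s->id` as the transfer already in progress. Worth confirming, and noting in the comment, whether the cancel is meant to leave the original transfer with that id running or to stop it too.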